It's no secret that many Android phones are vulnerable to hacks and cyberattacks, but exactly just how exposed are they? A new study partly funded by Google reveals an overwhelming number of Android phones from an array of manufacturers are exposed to at least one critical Android vulnerability.
Researchers at the University of Cambridge have found that a whopping 87.7 percent of all Android phones are at risk of being hacked using one out of the 11 biggest Android security holes known to the security industry.
Unfortunately, the higher security risk comes as a result of one of the things that many people love about Android - too many manufacturers means too many hands for security patches to go through before they are rolled out over the air to phone owners.
"This is because manufacturers have not provided regular security updates," says Alastair R. Beresford, one of the researchers, in a blog post.
Google has attempted to mitigate the risk by promising monthly security updates for its Nexus line of devices, which is partly one reason why the researchers have named the Nexus phones the most secure Android phones to date. On a scale of 1 to 10 based on the researchers' rating system, Nexus scored an unimpressive 5.2, the highest obtained by all brands included in the study.
"Google has done a good job at mitigating many of the risks, and we recommend users only install apps from Google's Play Store since it performs additional safety checks on apps," says Beresford. "Unfortunately, Google can only do so much, and recent Android security problems have shown that this is not enough to protect users. Devices require updates from manufacturers, and the majority of devices aren't getting them."
Next on the list is LG, which scored 4.0. Motorola takes the third spot, with 3.1. The remaining OEMs include Samsung, which, like Google, also promised monthly security updates. Samsung, Sony, HTC and Asus all scored different decimals of 2. It's worth noting that other popular Android manufacturers such as Xiaomi, Huawei and Lenovo are not on the list, as the researchers admit their method was not optimized to include all OEMs.
Data for the study was collected through an app called Device Analyzer, which has been available on the Google Play Store since 2011. The app collects information from more than 20,000 Android devices whose owners opted in to participate in the study. Using the data collected by the app, the researchers analyzed the security of each device and assigned an FUM score to each brand based on the devices Free from vulnerabilities, the devices Updated with the latest security patches, and the Mean number of vulnerabilities not fixed by the manufacturer.
Photo: Atomic Taco | Flickr